Science of Security Lablet at North Carolina State University

 

North Carolina State University's (NCSU) Science of Security Lablet (SoSL) has embraced and helped build a foundation for NSA's vision of the Science of Security (SoS) and of a SoS community. We have emphasized data-driven discovery and analytics to formulate, validate, evolve, and solidify the theory and practice of security. 

NCSU SoSL is currently focussing on three areas, relating to Hard Problems in resilient architectures, metrics, and policy-governed secure collaboration. Four projects are currently active: (1) Coordinated Machine Learning-Based Vulnerability & Security Patching for Resilient Virtual Computing Infrastructure. This research aims at aiding administrators of virtualized computing infrastructures in making services more resilient to security attacks through applying machine learning to reduce both security and functionality risks in software patching by continually monitoring patched and unpatched software to discover vulnerabilities and triggering proper security updates. (2) Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities. The goal of this project is to aid security engineers in predicting the difficulty of system compromises through the development and evaluation of attack surface measurement techniques based upon attacker-centric vulnerability discovery processes. (3) Principles of Secure BootStrapping for IoT. This project seeks to aid developers in designing and implementing protocols for establishing mutual trust between users, Internet of Things (IoT) devices, and their intended environment through identifying principles of secure bootstrapping, including tradeoffs among security objectives, device capabilities, and usability. (4) Reasoning about Accidental and Malicious Misuse via Formal Methods. This project seeks to aid security analysts in identifying and protecting against accidental and malicious actions by users or software through automated reasoning on unified representations of user expectations and software implementation to identify misuses sensitive to usage and machine context.

Motivated by NSA's overarching vision for SoS and building on our experience and accomplishments, we will continue (1) developing a science-based foundation for the five hard problems that we previously helped formulate; and (2) fostering a SoS community with high standards for reproducible research. Our approach will involve a comprehensive, rigorous perspective on SoS, including an integrated treatment of technical artifacts, humans (both stakeholders and adversaries) along with relationships and processes relevant to the hard problems. Continual evaluation of our research and community development efforts is key to our approach.

 

Principal Investigators